Merge pull request bitcoin#338

sipa · sipa · commit 31994c8e5b8e · 2015-10-21T16:11:44.000+02:00
f79aa88 Bugfix: swap arguments to noncefp (Pieter Wuille)
diff --git a/src/modules/recovery/main_impl.h b/src/modules/recovery/main_impl.h
@@ -105,7 +105,7 @@ int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecd
         secp256k1_scalar_set_b32(&msg, msg32, NULL);
         while (1) {
             unsigned char nonce32[32];
-            ret = noncefp(nonce32, seckey, msg32, NULL, (void*)noncedata, count);
+            ret = noncefp(nonce32, msg32, seckey, NULL, (void*)noncedata, count);
             if (!ret) {
                 break;
             }
diff --git a/src/modules/recovery/tests_impl.h b/src/modules/recovery/tests_impl.h
@@ -34,6 +34,7 @@ void test_ecdsa_recovery_end_to_end(void) {
     /* Serialize/parse compact and verify/recover. */
     extra[0] = 0;
     CHECK(secp256k1_ecdsa_sign_recoverable(ctx, &rsignature[0], message, privkey, NULL, NULL) == 1);
+    CHECK(secp256k1_ecdsa_sign(ctx, &signature[0], message, privkey, NULL, NULL) == 1);
     CHECK(secp256k1_ecdsa_sign_recoverable(ctx, &rsignature[4], message, privkey, NULL, NULL) == 1);
     CHECK(secp256k1_ecdsa_sign_recoverable(ctx, &rsignature[1], message, privkey, NULL, extra) == 1);
     extra[31] = 1;
@@ -43,6 +44,7 @@ void test_ecdsa_recovery_end_to_end(void) {
     CHECK(secp256k1_ecdsa_sign_recoverable(ctx, &rsignature[3], message, privkey, NULL, extra) == 1);
     CHECK(secp256k1_ecdsa_recoverable_signature_serialize_compact(ctx, sig, &recid, &rsignature[4]) == 1);
     CHECK(secp256k1_ecdsa_recoverable_signature_convert(ctx, &signature[4], &rsignature[4]) == 1);
+    CHECK(memcmp(&signature[4], &signature[0], 64) == 0);
     CHECK(secp256k1_ecdsa_verify(ctx, &signature[4], message, &pubkey) == 1);
     memset(&rsignature[4], 0, sizeof(rsignature[4]));
     CHECK(secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, &rsignature[4], sig, recid) == 1);

Original file line number	Diff line number	Diff line change
`@@ -105,7 +105,7 @@ int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecd`
`105`	`105`	`secp256k1_scalar_set_b32(&msg, msg32, NULL);`
`106`	`106`	`while (1) {`
`107`	`107`	`unsigned char nonce32[32];`
`108`		`- ret = noncefp(nonce32, seckey, msg32, NULL, (void*)noncedata, count);`
	`108`	`+ ret = noncefp(nonce32, msg32, seckey, NULL, (void*)noncedata, count);`
`109`	`109`	`if (!ret) {`
`110`	`110`	`break;`
`111`	`111`	`}`